HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

SNMP and potential vulnerability

 
SOLVED
Go to solution
Tom Dorr
Occasional Visitor

SNMP and potential vulnerability

Back in 2/2002 this alert was sent regarding SNMP vulnerability. Is this still the case?
I'm running VMS7.3 and TCPIP 5.1 ECO 4.
Thanks,
Tom

The Computer Emergency Response Team (CERT/cc) has recently issued an
advisory regarding numerous potential vulnerabilities in SNMPv1
implementations. These potential vulnerabilities are applicable to
SNMPv1 trap handling and SNMPv1 Request handling. The CERT article
outlines vulnerabilities that can cause SNMP services to stop
functioning and in some cases may enable "unauthorized access,"
"denial of service attacks" or may cause system instability.

IMPACT:

Compaq TCP/IP Services for OpenVMS:
2 REPLIES
labadie_1
Honored Contributor

Re: SNMP and potential vulnerability

I do not know if this is fixed, but the last Eco for Tcpip 5.1 is Eco 5. You should anyway apply it.

regards

Gerard
Ian Miller.
Honored Contributor
Solution

Re: SNMP and potential vulnerability

If I recall correctly then this wasn't fixed in V5.1 because supported had ended for that version when the problem was fixed so you have to update to a later version then apply latest ECO. See release notes for TCPIP patch kits to see when the SNMP problem got fixed.
____________________
Purely Personal Opinion